Cybersecurity Analyst

TEXAS MEDICAL BOARD • Full-time • AUSTIN, TX, USA • 5d ago

Please paste the following URL into a browser to view the entire job posting in the CAPPS Career Section: https://capps.taleo.net/careersection/ex/jobdetail.ftl?job=00044032 You may apply to the job directly through the CAPPS Career Section. It is not necessary to apply both through Work In Texas and CAPPS Career Section TEXAS MEDICAL BOARD STATE JOB VACANCY NOTICE IT DEPARTMENT Internal/External TELECOMMUTE ELIGIBLE Job Posting: 25-503-07 Opening Date: 4 November 2024 No. of Openings: 1 Monthly Salary: $6,562.50 Closing Date: Open Until Filled Type of Employment: Full- Time Job Title: Cybersecurity Analyst Classification: Cybersecurity Analyst I Class Number: 0319 Salary Group: B23 FLSA Status: Exempt Remote Category: Yes/Category 3 Location: Austin George H.W. Bush Building, 1801 Congress Ave, Austin, TX 78701 How to Apply: All applications for employment with the Texas Medical Board must be submitted electronically either via CAPPS at CAPPS RECRUIT website or click the Texas Medical Board (state.tx.us) link for instructions or submit application through Work in Texas (WIT) before 12:00 a.m. central time on the job closing date. Applications can be FAXED to 512.305.7124 or e-mailed to Human.Resources@tmb.state.tx.us. All fields on the application must be completed. We may reject applications that do not include all of the required information. Resumes do not take the place of the information required on the state of Texas application. Additional Information: Must reside in Texas. No dual state employment with another state agency or higher education is allowed. Must provide DOB for background check. Agency does not reimburse for travel or lodging expenses to attend job interviews. Virtual job interviews can be requested. For veterans preference, please submit with your application a copy of the DD-214. Additional Military Crosswalk information can be accessed at: Military Crosswalk for Occupational Category - Information Technology (texas.gov) Agency Information We have over 200 employees across the state of Texas. We are a collaborative and team environment work culture that values an environment of trust and accountability. Together we work towards our Boards mission to protect and enhance the publics health, safety, and welfare by establishing and maintaining standards of excellence used in regulating the practice of medicine and ensuring quality health care for the citizens of Texas through licensure, discipline, and education. We value employee work-life balance and provide our team incentives that include telework, flexed and compressed work schedules, wellness leave, health insurance and retirement programs, 401K, vacation paid leave, sick paid leave, holiday pay, promotional opportunities, free parking, employee assistance program, and other various benefits. General Description Performs complex (journey-level) cybersecurity analysis work under general supervision and direction. May provide cybersecurity consultation for projects; may provide guidance on projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Assist cybersecurity initiative activities to include technical implementation, and policy standardization. Works under supervision of the Director of Information Technology with moderate latitude for the use of initiative and independent judgment Principal Duties and Responsibilities (45%) Maintains and administers security operations for TMB. Monitor and assist in the administration of security focused software and analyze alerts from various cyber security tools, network devices and information systems. Administer security controls to prevent malware delivery, execution, and extent of cyber incidents. Monitor agency and software systems for cybersecurity threats and attacks, remediating problems. Assist with defining security configuration and operations standards for security . Participate in threat assessment, cyber intelligence, software security, and vulnerability assessment services. Participates in researching and analyzing cybersecurity threat indicators and their behaviors and recommend threat mitigation strategies. (40%) Assists in designing, implementing, and maintaining the agency IT security architecture, policies, and procedures to improve TMBs cybersecurity maturity. Assist in developing, updating, and maintaining agency security policies, procedures, and other cybersecurity program documentation. Prepare reports for oversight agencies including but not limited to Monthly Incident Report and biennial Agency Security Plan. Develop cybersecurity awareness training strategies to serve multiple user groups and presents security awareness training. Assist in advising management and users regarding security policy and procedures; assists with stakeholder communication for optimal support to reach cybersecurity maturity goals. Implement or support programs or projects that ensure agency compliance with privacy and cybersecurity standards and legislation. Support external and internal audit activities, perform related responses, analysis, and security remediation. (10%) Incident Response Reports to Director of Information Technology, or designated Incident Response Lead, concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance. Participates in Detecting, investigating, remediating, and recovering from cybersecurity threats across TMB. Supports tactical response of incident detection and incident response. (5%) Performs related work as assigned. Knowledge and Skills Technical Skills a. Knowledge of best practices, principles, and techniques for developing security-focused management controls of access points, servers, desktops, and various other hardware assets. b. Knowledge of IT security threats and ability to implement preventative controls including firewalls, access controls, authentication systems, intrusion detection systems, VPNs, and encryption. c. Knowledge of the techniques used in the operation of security applications, and information security practices, procedures, and regulations. d. Knowledge of Microsoft server products including i. Windows Server 2016+, ii. Hyper-V virtualization, and iii. Active Directory e. In-depth knowledge and understanding of information risk concepts and principles, f. Ability to balance business needs with security controls. g. Knowledge of or experience with the NIST Incident Response Processes. h. Skills in the use of vulnerability assessment and penetration testing tools Analytical Skills a. Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions, or approaches to problems. b. Coordinating solutions to problems; scheduling, testing, installing, and implementing system software; and troubleshooting computer systems. c. Ability to analyze problems and develop solutions; to determine systems and network problems; to communicate effectively with clients/customers to gather information and/or explain policies and procedures. Communication and Other Skills a. Ability to communicate effectively in a variety of forms and to different audiences. b. Ability to establish and maintain positive and effective working relationships with others and to work well under pressure and maintain flexibility. c. Abil S:SKINTIAGP2